[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: R41 in draft-ietf-v6ops-cpe-simple-security-07
On 28 jul 2009, at 18:17, Yaron Sheffer wrote:
no, there is no reasonable way to establish trust
between the host and the CPE router in a home environment. So the
protocol will likely be unauthenticated.
Would it help to require a < 1024 port? On Unix-derived system you
have to be root to be able to send those, so random applications
wouldn't be able to do this without some serious tricking of the user.
There's also the old standby of setting the hop limit to 255 and
checking it's still 255 to enforce localness.